Received: by 2002:a05:6520:4d:b0:139:a872:a4c9 with SMTP id i13csp2563806lkm; Mon, 20 Sep 2021 18:49:33 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxZDj/xMC6Zs3l1fLlxNwO6yCGWsk9LOnLMLwwSppzpYFtQkpaDM2H5Q2U58rugJPcL7zHE X-Received: by 2002:a6b:c308:: with SMTP id t8mr20913355iof.2.1632188973428; Mon, 20 Sep 2021 18:49:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1632188973; cv=none; d=google.com; s=arc-20160816; b=h8CoDZReq1wvPTP2B5pnwPfbb9fJ/Xt76wwhV+kTfyGNn3FB2Oh1jS1RxrHdKTJg4G obNxgPaOq2/QsAsQzZWH8nRz1zFDp7rYOl8FSKU4MMW8BzxMB2fs90cNUFo6Vvz3/a3g cqjvrUdYMCDbSGSXJJewDxj2pEW6GEqZkCOhuuK73gtiWmFTCtIUw/LXL2LkqHdDN780 qD2VOgojM14Vwcp4+iUCSyG9LwyWaElZM0VvDXZ2VVKnQvbPOSw5Lnd5tFhqn199fe+/ 9bbFtvI2BCBKgn20bHopAk/cP8RAvl+MzAhMlkrASD2cc7mDvMcx02WUPe4oIRKGZmmT SA9w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=Nsf8BrVqlQOZYBHlSf6NxKK2bDEdFCx2QWv+Djv6n2U=; b=CtdSsYP/Q2zu1XLp7qem4GGC8u/JiRzmgvZclfrO3A2cBnWjrQKBuNwcQsS53qU4ml oCo/w4C+yys1363pvxPGrKfJ1jAM35UEDNe7kvKiD2pgXmGBxv6IiU1SDO0Rgn7DIsZ8 Fb4C/LIEutAO+UAxR3x38VQ/s5VT2ugrSx0siRcelYlUkCYyp/YVsZmCY0tpUXm8Evmt Xp+lrzxJMYRpxRPhxtf9upybSkh4DU9uq6IWdZv7mYdfiBm756KUCjyc7lxdeBoWyPKm daWgCileHj1tLUWJQ1XW1CMIB2ColUEy37jT88aPonFQ1+HK+ODJBtjBDeK++NH9R5L1 kEEQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=fgSuAE59; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id p4si15270285ilc.19.2021.09.20.18.49.22; Mon, 20 Sep 2021 18:49:33 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=fgSuAE59; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1348708AbhITRkM (ORCPT + 99 others); Mon, 20 Sep 2021 13:40:12 -0400 Received: from mail.kernel.org ([198.145.29.99]:42454 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1352055AbhITRhf (ORCPT ); Mon, 20 Sep 2021 13:37:35 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id E42CF615E3; Mon, 20 Sep 2021 17:07:01 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1632157622; bh=YxPJzeJfDl35CnxlcjnqdFyy/WyVRKIWB6LiGb3t2NY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=fgSuAE595lqiBkxGidyVuW9SedQ8uZIXCzze3fNh2+6y5OtbTAEwXFzmnZ2X0yZPd swJXupnaSc1lLo1HMoYOk450t6K0kYb15Ry1dlH5M5r2K50ddsPohVyMrecBNcE/O3 xmYoDg03jNSWV1DmzYaSH1nCyKwG+GMCCMNc4bB0= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Martin KaFai Lau , Andrii Nakryiko , Eric Dumazet , Kuniyuki Iwashima , Yonghong Song , Sasha Levin Subject: [PATCH 4.19 068/293] tcp: seq_file: Avoid skipping sk during tcp_seek_last_pos Date: Mon, 20 Sep 2021 18:40:30 +0200 Message-Id: <20210920163935.589145054@linuxfoundation.org> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20210920163933.258815435@linuxfoundation.org> References: <20210920163933.258815435@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Martin KaFai Lau [ Upstream commit 525e2f9fd0229eb10cb460a9e6d978257f24804e ] st->bucket stores the current bucket number. st->offset stores the offset within this bucket that is the sk to be seq_show(). Thus, st->offset only makes sense within the same st->bucket. These two variables are an optimization for the common no-lseek case. When resuming the seq_file iteration (i.e. seq_start()), tcp_seek_last_pos() tries to continue from the st->offset at bucket st->bucket. However, it is possible that the bucket pointed by st->bucket has changed and st->offset may end up skipping the whole st->bucket without finding a sk. In this case, tcp_seek_last_pos() currently continues to satisfy the offset condition in the next (and incorrect) bucket. Instead, regardless of the offset value, the first sk of the next bucket should be returned. Thus, "bucket == st->bucket" check is added to tcp_seek_last_pos(). The chance of hitting this is small and the issue is a decade old, so targeting for the next tree. Fixes: a8b690f98baf ("tcp: Fix slowness in read /proc/net/tcp") Signed-off-by: Martin KaFai Lau Signed-off-by: Andrii Nakryiko Reviewed-by: Eric Dumazet Acked-by: Kuniyuki Iwashima Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20210701200541.1033917-1-kafai@fb.com Signed-off-by: Sasha Levin --- net/ipv4/tcp_ipv4.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index 71236aa7388d..de4edfbc9e46 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c @@ -2177,6 +2177,7 @@ static void *tcp_get_idx(struct seq_file *seq, loff_t pos) static void *tcp_seek_last_pos(struct seq_file *seq) { struct tcp_iter_state *st = seq->private; + int bucket = st->bucket; int offset = st->offset; int orig_num = st->num; void *rc = NULL; @@ -2187,7 +2188,7 @@ static void *tcp_seek_last_pos(struct seq_file *seq) break; st->state = TCP_SEQ_STATE_LISTENING; rc = listening_get_next(seq, NULL); - while (offset-- && rc) + while (offset-- && rc && bucket == st->bucket) rc = listening_get_next(seq, rc); if (rc) break; @@ -2198,7 +2199,7 @@ static void *tcp_seek_last_pos(struct seq_file *seq) if (st->bucket > tcp_hashinfo.ehash_mask) break; rc = established_get_first(seq); - while (offset-- && rc) + while (offset-- && rc && bucket == st->bucket) rc = established_get_next(seq, rc); } -- 2.30.2